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A system and method for distribution of elec- 
tronic data over a network infrastructure that includes 
a client device to receive the data and a server for 
downloading the data to the client device via the net- 
work infrastructure. The client device communicates a 
compound data key that includes a unique serial num- 
ber associated with a particular piece of media to which 
the electronic data is to be stored to the server, ven- 
dor information and user information. The server en- 
crypts the electronic data using the compound key, and 
downloads the encrypted electronic data to the partic- 
ular piece of media on the client device such that the 
encrypted electronic data may only be accessed from 
the particular piece of media. The electronic data is de- 
crypted for use by the client or another device attached 
to the client using the compound key as a data key, 
and the data being accessible from only the one piece 
of media having the unique serial number and not from 
any other media having a different or no identifier. 
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SYSTEM FOR KEYING PROTECTED ELECTRONIC DATA TO PARTICULAR MEDIA USING A COMPOUND KEY 
TO PREVENT UNAUTHORIZED COPYING 



CROSS-REFERENCE TO RELATED APPLICATIONS 

5 The present application is a continuation-in-part of U.S. Patent ApplicationNo. 

09/061,493, filed April 17, 1998, entitled "System for Keying Protected Electronic Data to 
Particular Media to Prevent Unauthorized Copying" 

FIELD OF THE INVENTION 

The present invention relates to the prevention of unauthorized copying by 
1 0 associating electronic data to a particular piece of storage media. In particular, the present 
invention relates to a remote data delivery system wherein electronic data to be protected is 
delivered in a secure manner to a local machine which stores and permanently associates the 
protected electronic data to a particular piece of storage media based on a composite key using 
at least a unique identifier of the media. 

1 5 BACKGROUND OF THE INVENTION 

Protection of copyrighted and other protected digitally stored data has always 
been a primary concern of the owners of such material. In particular, piracy of computer 
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softwam, music and video has been and continues to be of grea, concern because it is a., but 

video induces to curtail piracy, each has been me. with limited success. 

Aspartofmc.ffort.ocombatpiracy,softwareve„dorshavelicensedsoftware 

5 rather than transferring ownership when purchased. When software is purchased^ Ore 
purchaser becomes a licensed user (i.e., licensee) rather than an owner. Copyng of software 
Ler most license agreement is generally Hmiteu to one copy for backup purposes only u, 
order to legaUy restrict unlimited copying. In addition, the software license typrcaUy grams 
a right to use the software on a single computer or for use by only one user a. any tune. 
, „ Software vendors have also attempted to combat software piracy by copy- 

protecting their software. While mis attempt was eifective to some extent, i, failed because 
users were unable to make backup copies. Also, soon after the firs, copyprotected computer 
software was on the market, other programs to copy the copy-protected software became 
avaiUble. Outer copyright protection merited* were then develop in an attempt te step 
15 piracy, alsowith limited success. These attemp* induded rearing a master floppy d,sk ,o 
L inserted into rite computer or rearing the user to enter a key or other mformation 
contained in rite user manual or license agreement when executing me software ftom the 
computer's hard drive. Still outers required a hardware key to be present in me computer s 
paraHe, port, which was tead when the software was executed. Software vendors recerved . 
20 temporary reprieve when CD-ROMs became the standard media for digital storage and 
di slution of software, because applications gtew to be so large rita, me only means for 
copying me softwam was te "bum" duplicates on expe^ive recordable CDS. However, rite 
prices of recordable CDS and the drives to write recordable CDS have fallen dramatically and 
pirates can once again produce cheap illegal copies of protected software. 
15 The music and video industries have a different concern than rite software 

vendors. These induces are particularly concerned with pirates making perfect copies of 
digi u..y stereo music and videos. White copying of music and video for non-commerctal 
ptoses is al.owed, such copying has historical* been performed by tape decks and v,d«o 
cassette recorders using analog reeling techm„ues. Anaiog reproduction resets m 
,0 decreasing quality with every generation, whereas digital copies are exact and suffer no 
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fidelity loss. As noted, prices of recordable CDS and the drives to write to recordable CDS 
have fallen dramatically and these drives can just as easily record music to the CDS as they 
record software and data. Further, with the advent of the Digital Versatile Disk (DVD), full 
length motion pictures may now be recorded to a single DVD disk. As a result, the music and 
5 video industries also have a growing need to prevent copying of digitally recorded works. 

Fueling the concern of software vendors and the music and video industries is 
the rapid growth of the digital age and global communications. In the early 1 980's when the 
personal computer (PC) was in its infancy and software vendors first attempted to protect their 
intellectual property, there were few, if any, mass distribution channels. At the same time 
1 0 period, the music and video industries were strictly analog at the consumer level. Thus, piracy 
was not a major factor as it was limited to small groups of people or organizations. However, 
with powerful computers on every desktop and the evolution of music and video into a digital 
format, piracy has become a major factor costing software vendors alone $4 billion a year 
worldwide. Clearly, the financial loss to software developers, musicians, actors, and their 
1 5 associated industries is immense. 

At the root of the global communications expansion is the rapid growth of the 
internet, which has pushed the piracy problem to the forefront. As is well known in the art, 
the term "Internet" was first used in 1982 to refer to the enormous collection of inter- 
connected networks that use Transmission Control Protocol/Internet Protocol (TCP/IP) 
20 protocols. Despite only gaining mass recognition over the past four years, the Internet has 
existed since the late 1 960's and was originally designed as a Wide AreaNetwork (WAN) that 
would survive a nuclear war. Throughout the 1970'sand 1980's a growing number of small 
networks developed and connected to the Internet via gateways as a means of exchanging 
electronic mail. In the mid 1980's there was a significant growth in the number of available 
25 Internet hosts, and since the late 1 980's, the growth of the Internet has been exponential. The 
growth of the Internet has provided people all over the world with a means to share and 
distribute information. Thus, the potential now exists for the mass distribution of pirated 
software, music and video on a global scale. Many Internet Usenet groups and channels on 
the Internet Relay Chat (IRC) are dedicated to the trading of pirated files, music and videos. 
30 Furthering the piracy problem are groups that maintain a high profile and take a great deal of 
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■A in .heir piracy aocomplishmen,, The piracy probiem has grown so large «ha, a new 

Oesrgn and nrano ^ ^ ^ ^ ^ fc . ^ fo , . w me ,hod and app^rua for 
• „■ mbotion of da* which will «ake Vantage of the wide distribution of networks 

~; err. — — , — — — - — - 

„ Sltn - applications, .n par.icn.ar, .here is a need for a method - 
0 protected , ^ ^ ^ ^ . MCure m eans of 

^ woAs md appUcatjons ovcr te larg e network, whiie 

6 IT IL works and applications are no, copied and pira.cn. Sneh a 

, 5 prot ec.ed and ft* owners are proper,, compensated for titer creative efforts. 

— ^rCrlepreaen.— oneornroreofhsvario. 
^ ^or en,bodin.en.s is tin* presen.ed .o acco m plish one or nrore objec* and 

25 ZHSl^ g.via.henerworkinffastin en^*e compounds encrypting. 
TZ r* elecnonic daU .o he commnnica.eti .0 tire cHen, —eating «*. 
rZ^rastinctine, tire election* daU .o tire c.ien. device, wherein tire e.ecnomc dati, , 
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of media, such that the information may be accessed for use from only the one piece of 
destination media. 

According to a feature of the invention, transmitting the compound key to the 
server comprises accessing the one piece of destination media; reading the unique identifier 
from a predetermined location on the one piece of destination media; obtaining vender 
information; obtaining user information; building the compound key through a predetermined 
operation using the unique identifier, the vendor information, and the user information; and 
formatting the compound key into a first data structure for communication to the server. The 
predetermined location on the one piece of destination media may be a predetermined track. 

According to another feature, the encrypting of the electronic data to be 
transmitted to the client device comprises encrypting at least one of the electronic data and an 
encryption key to the electronic data, the encrypting being performed in accordance with the 
compound key as a data encryption key. The method as may further comprise communicating 
additional information to the remote server; and encrypting additional information together 
with the electronic data, the additional information comprising at least one of a purchaser's 
name, address, telephone number, and payment information. 

According to a further feature, the electronic data is written to the one piece 
of destination media in an encrypted format using the compound as a decryption key. 

According to still another feature, establishing a connection between the client 
device and the server via the network infrastructure comprises submitting, from the client 
device, a form to the server; executing, at the server, a program to process the form; and 
sending, to the client, a metatag and transaction file. The metatag and the transaction file 
together launch a client program at the client device after being sent to the client device. The 
client program opens the transaction file and parses metadata from metatags within the 
transaction file, and wherein the client connects to a server address identified by a 
predetermined metatag in the transaction file to receive the electronic data. In addition, the 
server address may be dynamically changed as the electronic data is requested from the server. 

According to another aspect of the invention, there is provided a method of 
accessing electronic data stored on a media by a first device adapted to read the media, the 
) electronic data having been written to the media in an encrypted format. The method 
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^ a predefined operation; reading a, least a portion of rhe elecruc da. ^ «he 

m edia ; and decrypting tire electronic data using the compound key as a decrypts key. 

Aecordingtoafeatureoftheinvention,bnildingtheeomnoundkeycompnses 

5 reading a unique identifier front a predetermined track of the media, obtaining vendor 
Lforltionandob.insuserinfomtafion. The unique identifier, the vendor information and 
A, user information are combined by dte predetermined opemtion into me compound. 
Bui.dmg me compound key may tauter comprise communicating the eompound key to a 
second device, and the rending a, .east a portion of the clonic data may further comprtse 

, 0 communicating the portion of me elec^onic da. to me second device. The second devrce 
perfonns the decrypting me electronic da. using me compound key as a decrypfion key. 

Accordingmafurmerfeature,mememodcomprisescommumcatmg,ftomme 

aevice, a unique identifier ffom me media; comparing .be aumentication code to fire umque 
15 iaentifrer.andifmeaumenticauoncode^^ 
code which is communicated » the seeona aevice. 

According to another feature, me method furmer compnses readmg a 
predetermined string from the media; decrypting the predetermined string; comparing the 

20 does not equal tire known string. 

According to ye, another aspect of the present invenhon, there ts provrded a 

L, device for operation by a user desiring to receive the clonic da.; ana a, .east one 
server, rhe a, .east one server containing me electronic da. and offering the eiecttonrc data 

mc«ng a unique identifier associated wim a par.icu.ar piece of medta .o wh.ch *e 
eietrhonic da. is to be stored. The a, .east one server encrypts the elecnonic data ustng the 
compound key as a data key and downloads the encrypted e.ectronie da. .o the aUeast one 
30 Zcomputer. The at least one client computer writes tire encrypted electronic da. to the 
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particular piece of media such that the encrypted electronic data may only be accessed from 
the particular piece of media. 

According to a feature of the invention, the at least one client device further 
submits a form to the at least one server, and the form is processed by the at least one server 
and the server communicates a metatag and transaction filed to the at least one client. 

According to another feature of the invention, the metatag and the transaction 
file launch a client program at the at least one client device after being communicated to the 
at least one client. The client program opens the transaction file and parses metadata from 
metatags within the transaction file, and the at least one client connects to a server address 
identified by a predetermined metatag in the transaction file to receive the electronic data. 
Additionally, the server address may be dynamically changed by the at least one server as the 
electronic data is requested from the at least one server. 

According to yet another aspect of the invention, there is provided an apparatus 
for reading encrypted electronic data associated to one piece of media by a compound key mat 
includes at least a unique identifier contained on the one piece of media. The apparatus 
includes a processor which controls and executes instructions to read the electronic data and 
the unique identifier from the one piece of media, and a media drive, responsive to the 
processor, which reads the unique identifier. The electronic data is decrypted for use by the 
apparatus or another device attached to the apparatus using the compound key as a data key, 
and the data is accessible from only the one piece of media having the unique identifier and 
the data is not accessible from any other media having a different or no identifier. 

According to a feature of the invention, the apparatus further comprises an 
application specific integrated circuit, which performs the decryption. The decrypted 
electronic data may be passed to the apparatus from the application specific integrated circuit. 

According to another feature, the apparatus includes an analog to digital 
converter that decompresses the electronic data and the analog to digital converter converts 
the decompressed electronic data into audio signals. 

According to yet another feature, the media drive reads a predetermined string 
from the media, and the processor decrypts the predetermined string and compares the 
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predetermined string with a known string, and the apparatus is halted if the predetermined 

string does not equal the known string. 

According to a further feature, the compound key comprises the unique 

identifier, vendor information and user information. 
5 Other features of the invention are described below. 

BRIEF DESCRIPTION OF THE DRAWINGS 

The foregoing summary, as v,ell as the following detailed description of the 
preferred embodiments, is better understood when read in conjunction with the appended 
drawings For the purpose of illustrating the invention, there is shown in the drawings an 
10 embodiment that is presently preferred, in which like reference numerals represent similar 
parts throughout the several views of the drawings, it being understood, however, that the 
invention is not limited to the specific methods and instrumentalities disclosed. In the 
drawings: 

Figure 1 is an exemplary computer network environment in which the present 

15 invention may be implemented; 

Figure 2 is a block diagram of the components of a client PC/Workstation 

shown in Figure 1; 

Figure 3 is a block diagram of the components of a preferred media drive 

shown in Figure 2; 

20 Figure 4 is a block diagram of the components of an exemplary stand alone 

device shown in Figure 1 ; 

Figure 5 is a block diagram of the components of an exemplary 

decryption/decompressing device shown in Figure 1; 

Figure 6 is a flow chart illustrating an overview of the processes performed m 
25 the electronic distribution of data in accordance with the present invention; 

Figure 7 is a flow chart of the processes performed during a commumcations 
session between a client and a server to request and download data in accordance with a first 
embodiment of the present invention; 
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Figure 8 is an exemplary format of a file containing parameters that are passed 
to a client program which controls a data download process; 

Figure 9 is a flow chart of the processes performed by PC/Workstation or 
stand-alone machine during the reading/execution/playback of the protected data in 
accordance with the first embodiment of the present invention; 

Figures 10A and 10B are flow charts of the processes performed by the 
decryption/decompressing device during the read/playback ofdata in accordance with the first 

embodiment of the present invention; 

Figure 1 1 is a flow chart of the processes performed during a communications 
session between a client and a server to request and download data in accordance with a 
second embodiment of the present invention; 

Figure 12 is a flow chart of the processes performed by PC/Workstation or 
stand-alone machine during the reading/execution/playback of the protected data in 
accordance with the second embodiment of the present invention; and 

Figures 13A and 13B are flow charts of the processes performed by the 
decryption/decompressing device during the read/playback of data in accordance with the 
second embodiment of the present invention. 

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS 

The present invention provides for a secure method of transmitting sensitive 

) andprotectedele^ 

stand-alone device over a network infrastructure and for preventing the unauthorized 
distribution and copying of the data once it is delivered to the client computer or stand-alone 
device As used herein, the term "data" includes all information that may be stored on a 
storage media, including but not limited to, executable files, linked library files, data files, 

5 databases files, audio files, and video files. 

Referring to Figures 1-5, there is illustrated an exemplary, non-liminng, 
environment 1 0 and deviees in which the present inven.ion may be implemented. As shown 
inFigurel.meenvirorunenUOinc.udesaWide^ 

WAN infrasrruerure 12 may comprise a Transmission Control Protocol/Interne, Protocol 
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(TCP/IP) network such as .he Internet. Anached to the WAN infrastructure 12, via 
communions lines 24, may be one or more Local Are, Networks (LAN) 14, servers 16, 
internet Service Providers 18, and sttnd alone devices 22 that are compatible with the 
protocofs of the WAN infrastructure 12. As iffusualed, the LAN 14 arm ISP 18 may have 
5 anached thereto client PC/work»a,ions 20 and/or smnd a.o„e devices 22 Ota, may access the 
network infrastructure t2 via the LAN 14 or ISP 18, and that are capable of at feast accessmg 
and reading data on a removable media 28. Also shown is a data decn-ption/decompressmg 
device 30, which is attached to a PC/workstation 20. 

The LAN 14 may comprise an Ethernet or Token Pang network and have a 
,0 server 16 and gateway (no. shown) that provides a connection to tire network infrasunctiire 
,2 via one or more communications finks 24. The eommunication finks 24 .0 me remote 
systems may be wireless links, satellite links, or dedicated lines. 

The serves 16 may comprise, for example, UNIX-based or Windows NT 
Server-based compiler platform having one or more processors (e.g., Intel Pentium II 
, 5 processor, Digital Equipment Company Alpha RISC processor, or Sun SPARC Proceasor), 
.ong-tenn storage (e.g, a RAID disk array), random access memory (RAM), communicarton 
peripherafs (e.g., network interface card, modem, and/or .erminal adap.er), and application 
p r0 grams(e.g.,dambaseso ft wareapplica,ions, World Wide Web publishing/hosting software, 
a„dinven.orymar,agemen.software)whichmaybe U sed.odistiibuteinfonnation.omecl 1 en, 

20 PC/workstations 20, stand afone devices 22, and other servers 16. The servers 16 maybe 
eonfigured as, for example, Worfd Wide Web (WWW) servers, Fife Trarrsfer Protocol (FTP) 
servers efectionic mail (E-mail) servers, etc. The ISP 18 typically is an organization or 
serviceuimprovidesacoessto^ 

connected to the Internet by communications fink 24. In exempiary embodiment of F.grtre 
25 1 , tire client PC 20 or stand alone device 22 may utilize a dial-up connection 26 (via me public 
switched telephone network) to connect »o the ISP 1 8. 

The client PCs 20 may comprise Windows 95, Windows 98 o, Windows NT 
Worksmtion-basedpersonalcomputershavinga^ 

storage (eg a IDE or SCSI hard disk), a removable media drive (e.g., CD-R, DVD-RAM, 
30 or ate removabie floppy or hard disk drive), random access memory (RAM), 
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communication peripherals (e.g., network interface card, modem, and/or terminal adapter), 
and suitable application programs (e.g., Dial-up networking software and a Web Browser). 
If configured as a workstation, the workstations 20 may comprise, for example, UNIX-based 
IBM RS/6000 or SUN SPARCStation workstations. Further, the client PC/workstations 20 
5 may comprise the so-called "network computing" devices. 

A block diagram of an exemplary PC/Workstation 20 is illustrated in Figure 
2. As shown, the PC/Workstation 20 is divided between internal and external components. 
The internal components include a Basic Input/Output System (BIOS) 70 and a processor 
(CPU) 66 that control the overall functioning of the PC/Workstation 20. Memory 64, a hard 

10 disk drive 76, a floppy disk drive 74, a tape drive 78, a CD-ROM drive 80, a 
MODEM/Terminal Adaptor/Network Interface Card 82, and a removable media drive 52a are 
also connected to the CPU 66. The removable media drive 52a or 52b operates to read and/or 
write to a storage media contained within a removable storage cartridge 28. The exemplary 
PC/workstation 20 of Figure 2 is configured with two removable media drives 52a and 52b 

15 to emphasize that a removable media drive can be implemented in either internal or external 
form. 

The MODEM/Terminal Adaptor/Network Interface Card 82 may comprise 
individual cards performing communications-related functions, as known in the art. The 
MODEM/Terminal Adaptor/Network Interface Cards 82 are included within PC/workstation 

20 20 to provide communications to external networks to which the PC/workstation 20 is 
connected. In particular, the MODEM/Terminal Adaptor/Network Interface Card 82 may be 
used to access LAN 14, ISP 1 8 and network infrastructure 12. 

Communications between internal and external devices may be accomplished 
via controllers provided within the PC/workstation 20. A serial/parallel/USB port controller 

25 (which may comprise separate controllers) 58, a monitor controller (video card) 60, and a 
keyboard and mouse controller 62 each provide an interface between the CPU 66 and an 
external removable media drive 52b (or printer), monitor 54, and keyboard and mouse device 
56, respectively. A hard disk and floppy disk controller 72 serves as an interface between the 
CPU 66 and the hard disk 76 and the CD-ROM drive 80, and the floppy disk 74 and tape drive 
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78 respective It will be appreciated by fhose skilled in .be an that the disk contrcUer 72 
may comprise separate floppy and bard disk corners (e.g., IDE or SCSI controfler). 

AremovablemediaeontrollerdSservesasaninterfacebetweentheremovable 

me dia drive 52a and Are CPU 66. For example, the removable disk controller 68 may 
comprise a Small Computer System Interface (SCSI) or Integrated Drive Electronics (IDE) 
interface controller. A hard disk and floppy disk controller 72 serves as an interface between 
,he CPU 66 and the hard disk 76 and the CD-ROM drive 80, and the floppy disk 74 andtape 
drive 78, respectively. AHernatively, the removable media drive 52a may ntilize the d,sk 

controller 72 as an interface to the CPU 66. 

Referring „owtoFignre3,there is illusfrotedablockdiagramof anexemplary 

media drive 52 having a SCSI interface ,o me PC/workstafion 20 (via controller 68). The 
media drive 52 proferably comprises, a ZIP® drive, manufactured by Iomega Corporation, 
R„v UUh ; however,omermediadrivesmaybeuseda S med i adrive52. The media drive 52 

mcludescomponenfsmatprovideforcon— 

, 5 media (lower right side of diagram) and the PC/workstarion 20 (upper left side of diagram). 
The media drive 52 inc.udes an AIC chip 101 which performs the SCSI 102, the drrect 
memory access (DMA) 103, and disk formatter 104 functions. The interface a!so includes a 
PHAEDRUS 105 which includes an 8032 microcontroller 106, a 1 kByt. RAM 107 and an 
application specific integrated circuit (ASIC) .08. The ASIC .08 may perform various 

20 functions, such as servo sconcing, dan. splitting, EOC, ENDEC, A-to-D an D-to-A 

conversion. The communication between the media drive 52 and the PC/work*a,.on 20 ,s 

accomplished through transfers of dara between the input/output channe. of the medra dnve 

52 and the media controller 68 (e.g., SCSI controller) of Are paworkstation 20. 

Referring again to Figure 1, the stand alone devices 22, as used herein, may 

25 encompass any device capable of interacting with the network infrasttucrure 12, other than 
t he^raditional»compn.mgdevice(i.e.,PCS,worksm.ions,networkcompm.rs,or,erm,nals). 

For example, the stand alone device 22 may include devices such as WebTV®, available from 
WebTV Networks, Palo Alfo. California, a music or video player, etc. It is nofed tha, me 
s.and alone device need no, he provided with a communications connection to the network 
30 infrastructure, LAN, or ISP. 
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A block diagram of an exemplary stand alone device 22 is illustrated in Figure 
4. The exemplary stand alone device 22 includes a removable media drive 52a, a removable 
media controller 68, a CPU 66, an ASIC/controller 36, a digital to analog converter 38, ROM 
37, and RAM 39. As can be appreciated by one of skill in the art, the stand alone device 22 
5 of Figure 4 may operate as a "player" or "viewer" of the protected data by reading the 
protected data from the media 28. The removable media drive 52a, the removable media 
controller 68, and CPU 66 each operate as described in the PC/Workstation 20 of Figures 1 -3. 
ROM 37 contains instructions to control the operation and functions of the stand alone device 
22. The ASIC/controller 36 may be used decrypt the protected data and output digital audio 

1 0 and/or video signals (e.g., Pulse Code Modulation (PCM)) to the digital to analog converter 
38 for conversion to analog audio or video signals. 

Referring again to Figure 1 , there is illustrated a decryption/decompressing 
device 30 in accordance with the present invention, which is connected to the PC 20 to 
perform the reading/playback/execution of the protected electronic data. The 

15 decryption/decompressing device 30 differs from the stand alone device 22 in that the 
decryption/decompressing device 30 is not provide with a device (e.g., removable media drive 
52) to read the media 28, but rather receives data which is read by, and communicated from, 
the PC/workstation 20. 

Referring now to Figure 5, there is illustrated a block diagram of an exemplary 

20 decryption/decompressing device 30. The decryption/decompressing device 30 may be 
connected to the PC/Workstation 20 via e.g., a universal serial bus (USB) connection, parallel 
port or serial port to receive the protected electronic data from the PC/Workstation 20 and 
may output analog audio and video signals via analog communications lines 42 to an external 
analog input device 44, such as a stereo amplifier, television, video cassette recorder or sound 

25 card. The decryption/decompressing device 30 includes a USB/parallel/serial port controller 
34, an ASIC/controller 36, a digital to analog converter 38, and RAM 39. The 
USB/parallel/serial port controller 34 interfaces with the USB/parallel/serial port of the 
PC/workstation 20 via lines 32 to provide communications between the 
decryption/decompressing device 30 and PC/workstation 20. The USB/parallel/serial port 

30 controller 34 also provides for communication of data between the PC/workstation 20 and the 
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ASIC/controller 36. The ASIC/controller 36 may decrypt the protected data and output digital 
audio and/or video signals (e.g., Pulse Code Modulation (PCM)) to the digital to analog 
converter 38 for conversion to analog audio signals. 

Alternatively, the decryption/decompressing device 30 may be provided as a 

5 card which is installed within the PC/workstation 20. Such a decryption/decompressing 
device 30 may communicate to the PC/workstation 20 via the internal bus (e.g., ISA, PCI or 
AGP) of the PC/workstation 20 instead of via the USB/parallel/serial port. Further, the 
decryption/decompressing device 30 in this alternative configuration would be provided with 
an interface to enable communications with the internal bus of the PC 20. 

j0 It is noted that the exemplary environment and devices shown in Figures 1 -5 

are not limited to the illustrated environment, as other network infrastructures, 
communications connectivities, and devices are intended to be within the scope and spirit of 

the present invention. 

Referring now to Figure 6, there is shown an overview of the processes 
1 5 performed in accordance with the electronic distribution model of the present invention. As 
will become evident to those of skill in the art, the features and aspects of the present 
invention may be implemented by any suitable combination of hardware, software and/or 
firmware. In accordance with the present invention, the network server or servers 16 may 
store data, such as application software, database tables, music, video, etc. for distribution to 
20 clients 20 and/or stand-alone devices 22. The present invention, while applicable to all types 
of data transfer, is especially applicable to commerce over the Internet, and in particular, to 
electronic distribution and delivery of software, music and video data. 

The user initiates the electronic data distribution process at step 200 when he 
or she desires to purchase software, music or videos (i.e., protected electronic data) using a 
25 home personal computer 20 or stand alone device 22. The protected electronic data may be 
offered for sale for a fee from e.g., a World Wide Web (WWW) site residing on one of servers 
16, and purchased using a credit card, debit card, smart card, virtual cash, etc. To this end, 
the home user may connect (step 202), via an Internet browser such as Internet Explorer 
available from Microsoft, Redmond, WA, to the WWW site by entering the universal resource 
30 locator (URL) or "clicking" a hyper-text link that contains the WWW site's URL. The URL 
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may contain, e.g., an Internet Protocol (IP) address (e.g.,147.178.20.151) or a domain name 
(e.g., "sitename.com") that identifies the IP address of the site such that the browser may 
establish a TCP/IP connection. Once connected, the user makes a selection of protected 
electronic data to be downloaded to his or her PC 20 (step 204) and the WWW server starts 
5 the download process (step 206) in conjunction with helper applications running on the client 
PC/workstation 20 using well known protocols (e.g., HTTP). 

In accordance with the present invention, the downloaded protected electronic 
data is encrypted during the download process using a unique identifier (e.g., serial number) 
of the media 28 as an encryption key and downloaded directly to media 28. In order to ensure 

10 that each particular piece of media 28 has a unique identifier, wherein the unique identifier 
is permanently embedded on the media 28 during the manufacturing process and is not 
accessible by a user or a disk drive that reads/writes to the media 28 at a later time. Further, 
a user format of the media 28 will not erase or alter the embedded serial number. The 
downloaded encrypted protected electronic data is then associated to the media 28 by the 

15 unique identifier and may not be accessed from any other media having a different or no 
unique identifier. As will be described below, upon playback/execution/viewing of the 
protected electronic data in a PC 20, stand alone device 22 or decryption/decompressing 
device 30 (step 210), the data is decrypted using the unique identifier of the media 28 as a 
decryption key and subsequently made available to the PC 20, stand alone device 22 or 

20 decryption/decompressing device 30. Thus, any protected electronic data that is copied from 
the destination media 28 to other storage devices will be unusable, as the other storage devices 
will not have the same unique identifier as the destination media 28. Such a system would 
prevent unauthorized copying of the protected electronic data, protecting the intellectual 
property rights of the seller or owner of such rights. 

25 A first embodiment implementing the overview processes illustrated in Figure 

6 will now be described in greater detail with reference to Figures 7-10. Figure 7 illustrates 
the download process of electronically distributing data over the network 1 2 from a server 1 6 
to a client PC/workstation 20 or stand alone device 22. As noted above, the protected 
electronic data will be downloaded to a particular piece of media having a unique serial 
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number so that the data will be associated with the particular media and accessible from only 

the particular media. 

At step 300 the process begins after a user on the client PC 20 has contacted 
and connected to a server 16 (Web server) via, e.g., a Web browser, and makes a selection of 
5 protected data for downloading. It is preferable, that the Web sever 1 6 comprises an Iomega 
store web server 16, which will be described below. It is also preferable that the connection 
to the Web server is a secure (i.e., encrypted) connection. After the user clicks on the 
download button of the displayed web page from the Web server, this action causes the 
PC/workstation to submit an HTML form to the web server 16. The web server 16 then 

10 executes the appropriate Common Gateway Interface (CGI) program. The CGI program 
running on the Iomega store web server 16 sends the metatag "Content-Type: application/x- 
itf • followed by an appropriate Iomega Transaction File (ITF) to the client PC/workstation 20. 
The ITF file is unique to the Iomega store web server 16 and is used to provide information 
to an ITF client program which controls the download process at the client side. The format 

1 5 of the ITF file is shown in Figure 8. As the web browser receives the metatag, it launches the 
ITF client program and passes the ITF file name as a command line parameter. The ITF client 
application opens the ITF file and parses the metadata from the metatags. The client 
PC/workstation 20 connects to the server address provide by the ITFSERVER tag to receive 
the electronic data (see step 308). The server address may be dynamically changed for each 

20 request in order to balance the load on the server. For example, the ITF file may include the 
following information for a transfer of a single file containing a song: 
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<ITFVERSION:>0.1 
<ITFNEWFILE:> 
<ITFID:>2 
5 <ITFSERVER:>1 47. 1 78.20.1 5 1 

<ITFFILENAME:>D:\WebSite\htdocs\htnil\ZipMan\Sample 
<ITFARTIST:>Genesis 
<ITFTITLE:>Supper's Ready 
<ITFALBUM:>Foxtrot 
10 <ITFCOST:>$2.50 
<ITFDATE:>3/4/98 
<ITFSIZE:>4746500 

At step 302 the client PC 20 queries the particular piece of media 28 to which 
the downloaded content is to be stored for the media's unique serial number. By way of a 

15 non-limiting example, the media 28 may comprise a ZIP® disk manufactured by Iomega 
Corporation, Roy, Utah. Each Iomega ZIP® disk contains a unique serial number that is 
written to a predetermined track during the formatting process which may be used as the 
unique identifier. The serial number is preferably created by but not limited to a pseudo 
random number generator. Further, while the media 28 has been described in terms of a ZIP® 

20 disk, it is not limited to the ZIP® disk, as the use of other removable and permanent media 
types having a unique identifier is within the scope and spirit of the present invention such as 
CD-R, DVD-RAM, and other removable floppy and hard disks. 

The client PC 20 may query the media using an application programming 
interface (API) such as the Iomega Ready API, or other suitable method. The Iomega Ready 

25 API when invoked causes the media drive to read the unique serial number from the 
predetermined track by using the SCSI 0x06 Non-Sense Command. In particular, by invoking 
the Disk Status Page (page 0x02) of the Non-Sense Command, the media serial number may 
be determined by reading offset bytes 20-59 of the returned data structure. Exemplary source 
code for performing step 302 in conjunction with an Iomega ZIP® drive and disk is as follows: 
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void CClientApp::GetZipDrive() 
{ 

intj,k; 

m_DriveNum = 0; 
5 for0=0y<26a-H-) 

// scan the drives and find the IOMEGA drives 

{ 

if(IsIomegaDriveO) ) 
{ 

jq k = GetGeneralDevTypeQ); 

if(k==DRIVE_IS_ZIP) 

{ 

m_DriveNum = j; 
j = 26; 

15 > 

} 

} 

} 

void CClientApp::GetSerialNumber() 
20 { 

unsigned char szBuffer[1024]; 
memset(szBuffer,0,sizeof(szBuffer)); 

memset(&m_SerialNumber,0,40); 
GetInfoNonSense(mJ)riveNum,0x02,szBuffer); 

25 m emcpy(&m_SerialNumber,&szBuffer[22],39); 
} 

It can be appreciated that the unique identifier is not limited to information 
stored on the media 28 such as the serial number, and that other types of information could 
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be used as the unique identifier, so long as it is permanently stored on the media 28. In 
addition, the unique serial number should contain a sufficient number of bits (length) to ensure 
that no two pieces of media have the same identifier. For example, each Iomega ZIP® disk 
contains a unique 39 byte (312 bits) serial number, and other bit lengths may be utilized. 
5 Once the client PC 20 is connected to the server 16 identified in the 

ITFSERVER tag (e.g., 1 47. 1 78.20. 151), the client sends a command packet to the server via 
TCP/IP sockets at step 304. The first command packet has an action code of one and contains 
the file name to be transferred, all the customer information, billing information, and the 
unique serial number of the media. The first command packet may be formatted as follows: 
10 struct SocketCommand 

{ 

unsigned long Code; 
unsigned long Size; 
unsigned char Data[400]; 

15 }; 

The server responds with a data packet with the same action code and informs the client that 
the file has been opened and the file size. 

Alternatively, the Data field may comprise a plurality of fields containing the 
customer information, billing information, and the unique serial number as parsed fields. The 
20 data field may be formatted to have the following data structure: 
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{ 

char First[20]; 
char Last[20]; 
char Address[40]; 
char City[20]; 
char State[3]; 
char Zip[6]; 
char CreditCard[17]; 
char ExpDate[5]; 
char Phone[13]; 
char Serial[40]; 
long int DatalD; 

}; 



Atsteps306-310theclientsendsacorimiandpacketwithanactioncodeoftwo 
5 (step306),whichinformstheservertosendthenext4000bytesofdataencrypted theunique 
serial number. This action code is repeated until the entire file has been transferred from the 
server 16 to the client PC 20. The server 16 encrypts the data key for the digital content to 
be downloaded using the unique serial number (and any additional information) as an 
encryption key (step 308). While any suitable encryption algorithm may be utilized at step 
20 308 the data encryption is preferably performed using the well known Blowfish encrypUon 
algorithm. The Blowfish encryption algorithm is advantageously fast, especially when 
implemented on32-bit microprocessors with large data caches, such as the Intel Pentium and 
the IBM/Motorola PowerPC. Briefly, Blowfish is a variable-length key, 64-bit block ctpher 
which may be implemented in either hardware or software. The algorithm consists of two 
25 partsakey-expansionpartandadata-encryptionpart. The key expansion part converts a key 
ofatmost 448 bits into several subkey arrays totaling 4168 bytes. The data encryption occurs 
via a 1 6-round Feistel network, wherein each round consists of a key-dependent permutafion 
and a key- and data-dependent substitution. All operations are exclusive ORs (XOR) and 
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additions on 32-bit words. The only additional operations are four indexed array data lookups 
per round to generate the encrypted data. 

Also at step 308, the server transmits the data to the client, via, e.g., TCP/IP 
sockets, and the client PC 20 writes the data to the media 28 at step 310. The data may be 
5 written to the media 28 in a standard file system structure or by direct track or sector writes. 
The format by which the data is written to the media 28 is not limited to the noted formats, 
as other formats may be utilized. The data transmitted to the client PC 20 from the server 20 
is preferably in a predetermined data structure such as the following: 

struct SocketData 
10 { 

unsigned int Code; 
unsigned long FileSize; 
unsigned char Data[4000]; 

}; 

1 5 The process of step 306-3 1 0 repeats until all of the data has been downloaded 

from the server 16 to the client PC 20. At that time the client PC 20 will send an action code 
of three to inform the server 1 6 that the transaction is complete and to disconnect the socket 
(step 312). It is noted that the source code and data structures above are included herein for 
exemplary purposes only, and are in no way intended to limit the scope of the present 

20 invention. 

Referring now to Figure 9, there is illustrated the processes performed during 
a reading/execution/playback of the protected data once it has been written to the media 28 
in accordance with an first hardware implementation of the first embodiment. As will be 
appreciated by those of skill in the art, the process of Figure 9 may be executed in multiple 
25 threads to increase the performance of the playback/execution/viewing process. As will be 
described below, the protected data is decrypted using the unique serial number of the media 
28 as a decryption key in order to present the PC 20 or stand alone device 22 with usable 
electronic data. 

The playback/execution/viewing process begins at step 320 when the user 
30 places the media 28 within the PC 20 or stand alone device 22 and accesses the protected 
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electronic data on the media 28. The user may access the protected data using a combination 
of software and hardware installed on the PC 20 or stand alone device 22. 

At step 322 the PC 20 (or stand alone device 22) reads the unique serial 
number from the media 28 and stores the unique serial number in RAM 64 (RAM 39). As 
5 noted above, the media is preferably the Iomega ZIP® disk which contains the unique serial 
number on a predetermined track of each ZIP® disk; however, the media is not limited to the 
ZIP® disk and may comprise any media having a unique serial number or identifier, as 
described above. Also as noted above, the PC 20 software may utilize the Iomega Ready API 
to read the serial number at step 322 from the disk. 
10 At step 324 the PC 20 (or stand alone device 22) decrypts a predetermined 

string contained on the media 28 using the unique serial number. The predetermined string 
is compared to a known string at step 326 to determine if a proper string is decrypted (i.e., the 
decrypted predetermined string equals the known string). If the predetermined string has been 
decrypted into the known string, the process continues at step 328 where the encrypted 
1 5 protected electronic data is read from the media 28 . Otherwise, if the result of the decryption 
of the predetermined string was not the known string, then all threads end, stopping the 
playback/execute/viewing process at step 344. 

At step 328 the PC 20 (or stand alone device 22) reads the encrypted data from 
the media 28 and temporarily stores the protected electronic data in RAM 64 (RAM 39). The 
20 reading process may be performed within a first thread running on the PC 20, and is 
performed in a manner analogous to writing the data to the media 28, e.g., via standard file 
system reads, or direct track or sector reads. The format by which the data is read from the 
media 28 is performed in accordance with the manner the data was written to the media, and, 
as in writing the data to the media 28 is not limited to the above-noted formats, as other 

25 formats may be utilized. 

At step 330 it is determined if all of the protected data has been read from the 
media 28. If so, the read thread is ended at step 332. Otherwise, if there is additional data to 
be read, the read thread returns to step 328 to read additional protected data from the media 
28. In accordance with an aspect of the invention, the entirety of the protected content need 

30 not be read from the media 28 at step 328, which reduces the amount of memory required to 
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implement the decryption process. Also, because the processes of Figure 9 are executed in 
a multi-threaded fashion, the process of reading the protected data from the media 28 maybe 
performed as other portions of the protected data are decrypted in a second thread or other 
hardware, as discussed below. 
5 Also from step 330 a second thread decrypts the protected data (step 334) using 

; the unique serial number of the media 28 (read at step 322) as a decryption key. The 
decryption of the data at step 334 is performed in accordance with the encryption algorithm, 
and preferably comprises the Blowfish algorithm, as noted above. The decryption may occur 
in software, or may be performed in hardware if a higher level of security is required. Further, 
1 0 as noted above, because the decryption runs in a second thread (or other hardware device), the 
decryption process may be performed simultaneously with the reading process at step 328. 

At step 336 the decrypted data is verified to determine if it is valid data (i.e., 
usable). If the data is valid, the data is then executed/played/viewed by the PC 20 (or stand 
alone device 22) at step 338. The process of executing/playing/viewing may be performed 
15 in a third thread or other hardware device (e.g., sound card). If, however, the data is not valid 
or is corrupted at step 336, the process notifies the user at step 342 and ends all threads at step 
344. Once all of the protected data is decrypted and played/viewed/executed, all threads 
comprising the processes of Figure 9 are ended at step 344. It is preferable to delete all 
• temporary files containing unencrypted protected electronic data upon completion of the 
20 process at step 344 in order to fiirther enhance the anti-piracy features of the present invention. 

Thus, by implementing the processes of Figure 9 in multiple threads, the 
processes of reading, decrypting and executing/playing/viewing the protected data may occur 
simultaneously in the PC 20 to increase performance. 

It is noted that the PC/workstation 20 and stand alone device 22 have been 
25 described above as performing steps 320-344 in a similar fashion. However, because the 
PC/workstation 20 comprises a general purpose computer, there may be additional features 
of the present invention provided within the PC/workstation 20, which will be described 
below. 

For example, When executing/playing/viewing the protected data on the 
30 PC/workstation 20, the software or hardware decryption process at steps 334 through 338 may 
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be performed such that the protected electronic data is decrypted and an executable program 
is automatically launched to utilize the decrypted protected electronic data. Alternatively, the 
software or hardware decryption process may decrypt and validate the protected electronic 
data at steps 334 and 336 and store the decrypted data temporarily on the media 28, other 
5 media (e.g., hard disk 76) or in memory (e.g., RAM 64) for execution or use by other software 
or hardware applications at step 33 8 . This alternative allows the user to play/execute/view the 
protected electronic data at a time after decrypting. In addition, if enhanced security is 
preferred, the protected electronic data could be stored in an encrypted form in RAM 64 at 
step 328 and temporarily decrypted at step 334 on an as-needed basis. 
10 As noted above, the decryption process at step 334 (Figure 9) may be 

implemented in software or hardware. An exemplary first hardware implementation will be 
described with reference to Figures 2-4. As is well known in the art, an ASIC is a custom or 
semi-custom integrated circuit that may be designed to perform a variety of functions. 
Accordingly, the ASICs 1 08 and/or 36 may be designed to perform the decryption of step 334 
15 in addition to the other functions performed by ASICs 108 and 36 noted above. It is 
preferable to implement the decryption process in the ASIC 108 and/or 36 to minimize the 
likelihood of unscrupulous pirates "hacking" the decryption software for the purpose of 
making illegal copies of the protected electronic data. 

In the first hardware implementation, the entirety of steps 320-344 of Figure 
20 9 are performed within a single device (e.g., PC/workstation 20 or stand alone device 22). 
When the first hardware implementation is implemented in PC 20, the encrypted data read 
from the media 28 is passed to the ASIC 108 (via the controller 68) for decryption (at steps 
324 and 334) using the unique serial number of the media 28 as the decryption key. Once the 
protected electronic data is decrypted by ASIC 1 08, it is then passed back (via controller 68) 
25 to the PC 20 for validation and execution. By incorporating the decryption processing into 
the ASIC 108, the burden on the processor 66 will be advantageously reduced, speeding up 
any other operations being performed by the PC/workstation 20. 

When the first hardware implementation is implemented in the stand alone 
device 22, the encrypted data is passed to the ASIC/controller 36 (via the controller 68 and 
30 the CPU 66) for decryption at steps 324 and 334 using the unique serial number of the media 
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28 as the decryption key. Once the protected electronic data is decrypted and validated by 
ASIC/controller 36, it is converted to digital audio and/or video data passed to the digital to 
analog converter 38 for conversion to analog audio and video information. The analog 
information is then output to an analog input device 44, such as a VCR, tape deck, amplifier, 
5 sound card, etc., and the process ends at step 336. 

A second hardware implementation of the first embodiment will now be 
described, which distributes the processing between the PC/workstation 20 and the 
decryption/decompressing device 30 described with reference to Figure 5. The 
decryption/decompressing device 30 may operate, for example, as a special purpose media 
1 0 player attached to the PC 20. The decryption/decompressing device 30 is provided with the 
capability of receiving the protected electronic data from the PC 20, decrypting and 
decompressing (if necessary) the content, and providing audio and/or video outputs. 

The operation of the second hardware implementation of the first embodiment 
will be described with reference to Figures 10A and 10B. The process begins at step 400 
1 5 when the user places the media 28 within the PC 20 and accesses the protected electronic data 
on the media 28. At step 402 the data key (i.e., unique serial number) to the protected data 
is obtained. The processes of step 402 are describe in detail with reference to Figure 10B. 

Referring now to Figure 10B (step 450), processing begins at step 452 when 
the PC 20 reads the unique serial number from the media 28 and passes it to the 
20 decryption/decoding device 30 at step 454. As noted above, the media 28 is preferably the 
Iomega ZIP® disk which contains the unique serial number on a predetermined track of each 
ZIP® disk; however, the media is not limited to the ZIP® disk and may comprise any media 
having an associated unique serial number. The PC 20 software may utilize the Iomega Ready 
API to read the serial number from the disk, as noted above. At step 456 the 
25 decryption/decoding device 30 generates an authentication code, which is passed back to the 
PC 20 (media drive 52) at step 458. At step 460 the media drive 52 verifies that the 
authentication code passed from the decryption/decoding device 30 is the same as the unique 
serial number on the media 28 actually in the drive 52. If the authentication code does not 
correspond to the unique serial number, then the playback/execution/viewing process stops 
30 at 468. If the authentication code matches the unique serial number, then at step 462, the 
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media drive 52 generates a verification code. The verification code is sent to the 
decryption/decoding device 30 at step 464 and the process returns to step 404 in Figure 1 OA. 
The two-step verification process of Figure 10B ensures that the unique serial number of the 
media 28 physically in the media drive 52 has the same unique serial number sent to the 
5 decryption/decoding device 30 at step 454 and further enhances the present invention's 
resistance to hacking. The unique serial number is stored in RAM 3 9 for use as the decryption 
key in the decryption process (steps 406 and 412). 

Referring again to Figure 10A, at step 404 the decryption/decoding device 30 
decrypts a predetermined string contained on the media 28 using the unique serial number. 
10 The predetermined string is sent to the decryption/decoding device 30 via the 
USB/parallel/serial port 58. The predetermined string is compared to a known string by the 
decryption/decoding device 30 at step 406 to determine if a proper string is decrypted (i.e., 
the decrypted string equals the known string). If the decrypted predetermined string equals 
the known string, the process continues at step 408 where the encrypted data is read from the 
1 5 media 28 . Otherwise, if the decrypted predetermined string does not equal the known string, 

then the process ends at step 424. 

At step 408, the encrypted data is read from the media 28 and sent via 
USB/parallel/serial port 58 to the decryption/decompressing device 30 at step 410. At step 
412, the ASIC/controller 36 decrypts the protected electronic data received by controller 34. 
20 The decryption process is performed as noted above with reference to step 334 (Figure 9). As 
the protected electronic data is decrypted, the ASIC/controller 36 (or application software 
running on the PC 20) determines at step 414 the type of information that comprises the 
protected electronic data and if the decrypted data is valid. If the data is determined to be 
invalid at step 414, the user may be notified at step 422 and the process ends at step 424. 
25 if a t step 4 1 4 the protected electronic data is valid application software or a 

valid executable file, the decryption/decompressing device 30 may pass the decrypted file 
back to the PC 20 for execution at step 416. As illustrated in Figure 10A, the process of 
sending encrypted data to the decryption/decoding device 30 may loop through steps 408 
through 416 until all of the data is read from the media 28 and passed back to the PC 20 for 
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execution. After the all of the protected electronic data has been decrypted and passed back 
to the PC 20, the process ends at step 424. 

If the protected electronic data is valid audio or video data, the 
decryption/decompressing device 30 may additionally provide for decompression of the audio 

5 or video data at step 418 in ASIC/controller 36. Typically, digital audio and video 
information is compressed according to standard compression algorithms. For example, full- 
motion video and audio information may be compressed using the Moving Pictures Expert 
Group (MPEG) standard and still pictures may be compressed using the Joint Picture Expert 
Group (JPEG) standard. The decompressed audio or video information may be converted to 

10 digital data (e.g., pulse code modulation (PCM)) at step 41 8 and sent to the digital to analog 
converter 38. 

At step 420 the digital audio or video data is converted to analog audio or video 
signals by the digital to analog converter 38. The analog signals are output to an analog input 
device 44 (e.g., stereo amplifier, video cassette recorder, sound card or television) for 
1 5 playback/viewing. As illustrated in Figure 1 OA, the process of sending encrypted data to the 
decryption/decoding device 30 may loop through steps 408 through 420 until all of the data 
is read from the media 28. After all of the protected electronic data has been converted to an 
analog output, the process ends at step 424. 

In accordance with the second hardware implementation, the protected data 
20 may be streamed from the PC 20 to the decryption/decompressing device 30, or alternatively, 
download to the RAM 39 in its entirety prior to decryption by the ASIC/controller 36. 

A second embodiment implementing the overview processes illustrated in 
Figure 6 will now be described in greater detail with reference to Figures 11-13. The second 
embodiment provides for additional security by including not only the unique identifier in the 
25 encryption/decryption key, but also a vendor identifier and a user identifier. Such an 
encryption/decryption key will be referred to herein as a compound key. In particular, by 
using the compound key having vendor information and user information, certain additional 
safeguards may be built into the distribution of the protected data. The vendor information 
may be an identifier created by the vendor of the protected content or an industry group. The 
30 purpose of this identifier is to allow the vendor or an industry group to add additional layers 
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of security to prevent unauthorized decryption of protected data by a person or software 
program not approved by the vendor or industry group. For example, as will be discussed 
below, the vendor information may be retrieved from application software downloading, 
running or playing the protected content, thus further restricting use of the content to devices 
5 having licenced copies of the application software. Alternatively, the vendor information may 
retrieved from a server located on a local area network (LAN), wide area network (WAN), or 
the Internet, etc. 

The user information is information that is specific to an individual user or 
group of users. This identifier may be created by the user or on the user's behalf by the 

10 software application. The user identification provides for user control over access to the 
protected content. Such user control may be desirable in corporate environments to allow 
only authorized users (e.g., company officers, specific departments and specific individuals) 
access the protected content. In the home, user control will provide parents with a mechanism 
by which to prevent children from accessing inappropriate content (e.g., R-rated movies). 

15 Referring now to Figure 11, there is illustrated the download process of 

electronically distributing data over the network 12 from a server 16 to a client 
PC/workstation 20 or stand alone device 22 in accordance with the second embodiment. As 
noted above, the protected electronic data will be downloaded to a particular piece of media 
having a unique identifier so that the data will not only be associated with the particular media 

20 and accessible from only the particular media, but will also include vender and user 
information as part of the encryption/decryption key for added security. Further, in Figures 
1 1 - 1 3 , all steps having similar processes as those discussed with respect to Figures 7 and 9-10 
are similarly numbered and the detailed description of such steps will not be repeated herein 
below. 

25 At step 300, the process begins after a user on the client PC 20 has contacted 

and connected to a server 1 6 (Web server) via, e.g., a Web browser, and makes a selection of 
protected data for downloading. At step 302 the client PC 20 queries the particular piece of 
media 28 to which the downloaded content is to be stored for the media's unique serial 
number. 
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At step 302A, the vendor information is obtained. Such information may be 
embedded by known means within the ITF client program which controls the download 
process at the client side. As such, each vendor would have a unique ITF client program to 
perform the download process. Alternatively, a generic ITF client program may be executed 
5 at the client side and the vendor information retrieved from a file on the client PC 20, stand 
alone device 22, or from a database on the server 16 that associates the protected content to 
the vendor information via known processes. 

At step 302B, the user information is obtained. This is preferably performed 
by prompting the user for the information. The user then enters the information, which is 
10 temporarily stored in RAM 64 or on the hard disk 76. Alternatively, a separate software 
application may be invoked to provide the user information (e.g., a password application that 
retrieves a user's password from a network yellow pages file). 

At step 302C, the compound encryption/decryption key is built. The process 
may be performed by combining the three key components (e.g., the unique identifier of the 
1 5 media 28, the vendor information, and the user information) by any means, including but not 
limited to, mathematical operations (mod, addition, division, subtraction, XOR, etc.) 
• concatenation, interleaving, or any other method. Preferably, byte level interleaving of the 
' vendor information and the user information is performed. This results in a string having the 
structure: V0U0V1U1 V2U2V3U3V4U4V5U5V6U6V7U7, where Vx is vendor information 
20 byte x, and Ux is user information byte x. The resulting string is then combined with the 
unique serial number by an XOR (exclusive OR) operation to form the compound key. Thus, 
the compound key is preferably created as follows: 

CK = S XOR (V interleaved U) 

wherein, 

25 CK= Compound Key 

S= Serial Number 
V= Vendor Information 
U= User Information 
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Once the client PC 20 is connected to the server 16, the client sends a 
command packet to the server via TCP/IP sockets at step 304. The server responds with a data 
packet with the same action code and informs the client that the file has been opened and the 
file size. At steps 306-3 10 the client sends a command packet with an action code of two 
5 (step 306), which informs the server to send the data encrypted by the compound key. This 
action code is repeated until the entire file has been transferred from the server 16 to the client 
PC 20. The server 1 6 encrypts the data key for the digital content to be downloaded using the 
compound key (and any additional information) as an encryption key (step 308). Also at step 
308, the server transmits the data to the client, via, e.g., TCP/IP sockets, and the client PC 20 
10 writes the data to the media 28 at step 310. As noted above, the process of step 306-310 
repeats until all of the data has been downloaded from the server 16 to the client PC 20. At 
that time the client PC 20 will send an action code of three to inform the server 16 that the 
transaction is complete and to disconnect the socket (step 312). 

Referring now to Figure 1 2, there is illustrated the processes performed during 
15 a reading/execution/playback of the protected data once it has been written to the media 28 
in accordance with a first hardware implementation of the second embodiment. 

The playback/execution/viewing process begins at step 320 when the user 
places the media 28 within the PC 20 or stand alone device 22 and accesses the protected 
electronic data on the media 28. At step 322 A the PC 20 (or stand alone device 22) reads the 
20 unique serial number from the media 28 and stores the unique serial number in RAM 64 
(RAM 39). At step 322B, the vendor information is obtained. Such information is preferably 
embedded within the application software which performs the playback/execution/viewing 
of the protected data. Alternatively, a standardized application may be developed that 
performs the playback/execution/viewing at the client side and the vendor information 
25 retrieved from a file on the client PC 20, stand alone device 22, or from a database on the 
server 1 6 that associates the protected content to the vendor information via known processes. 
At step 322C, the user information is obtained, as noted above with regard to step 302B, and 
at step 322D, the compound encryption/decryption key is built, as described with regard to 
step 302C. 
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At step 324 the PC 20 (or stand alone device 22) decrypts a predetermined 
string contained on the media 28 using the compound key. The predetermined string is 
compared to a known string at step 326 to determine if a proper string is decrypted (i.e., the 
decrypted predetermined string equals the known string). If the predetermined string has been 
5 decrypted into the known string, the process continues at step 328 where the encrypted 
protected electronic data is read from the media 28. Otherwise, if the result of the decryption 
of the predetermined string was not the known string, then all threads end, stopping the 
playback/execute/viewing process at step 344. 

At step 328 the PC 20 (or stand alone device 22) reads the encrypted data from 
1 0 the media 28 and temporarily stores the protected electronic data in RAM 64 (RAM 39). At 
step 330 it is determined if all of the protected data has been read from the media 28. If so, 
the read thread is ended at step 332. Otherwise, if there is additional data to be read, the read 
thread returns to step 328 to read additional protected data from the media 28. Also from step 
330 a second thread decrypts the protected data (step 334) using the compound key of the 
15 media 28 (read at step 322) as a decryption key. 

At step 336 the decrypted data is verified to determine if it is valid data (i.e., 
- usable). If the data is valid, the data is then executed/played/viewed by the PC 20 (or stand 
' alone device 22) at step 338. The process of executing/playing/viewing may be performed 
in a third thread or other hardware device (e.g., sound card). If, however, the data is not valid 
20 or is corrupted at step 336, the process notifies the user at step 342 and ends all threads at step 
344. Once all of the protected data is decrypted and played/viewed/executed, all threads 
comprising the processes of Figure 12 are ended at step 344. It is preferable to delete all 
temporary files containing unencrypted protected electronic data upon completion of the 
process at step 344 in order to further enhance the anti-piracy features of the present invention. 
25 A second hardware implementation of the second embodiment will now be 

described, which distributes the processing between the PC/workstation 20 and the 
decryption/decompressing device 30 described with reference to Figure 5. The 
decryption/decompressing device 30 may operate, for example, as a special purpose media 
player attached to the PC 20. The decryption/decompressing device 30 is provided with the 
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capability of receiving the protected electronic data from the PC 20, decrypting and 
decompressing (if necessary) the content, and providing audio and/or video outputs. 

The operation of the second hardware implementation of the second 
embodiment will be described with reference to Figures 13A and 13B. The process begins 
5 at step 400 when the user places the media 28 within the PC 20 and accesses the protected 
electronic data on the media 28. At step 402A the media to which the protected data is stored 
is verified. The processes of step 402A are describe in detail with reference to Figure 13B. 

Referring now to Figure 13B (step 450A), processing begins at step 452 when 
the PC 20 reads the unique serial number from the media 28 and passes it to the 
10 decryption/decoding device 30 at step 454. At step 456 the decryption/decoding device 30 
generates an authentication code, which is passed back to the PC 20 (media drive 52) at step 
458. At step 460 the media drive 52 verifies that the authentication code passed from the 
decryption/decoding device 30 is the same as the unique serial number on the media 28 
actually in the drive 52. If the authentication code does not correspond to the unique serial 
1 5 number, then the playback/execution/viewing process stops at 468 . If the authentication code 
matches the unique serial number, then at step 462, the media drive 52 generates a verification 
code. The verification code is sent to the decryption/decoding device 30 at step 464 and the 
process returns to step 404 in Figure 13A. The two-step verification process of Figure 10B 
ensures that the unique serial number of the media 28 physically in the media drive 52 has the 
20 same unique serial number sent to the decryption/decoding device 30 at step 454 and further 
enhances the present invention's resistance to hacking. The unique serial number is stored in 
RAM 39 for use as part of the compound decryption key in the decryption process (steps 406 
and 412). 

Referring again to Figure 13A, at step 402B, the vendor information is 
25 obtained. Such information is preferably embedded within the application software which 
performs the playback/execution/viewing of the protected data. Alternatively, a standardized 
application may be developed that performs the playback/execution/viewing at the client side 
and the vendor information retrieved from a file on the client PC 20, stand alone device 22, 
or from a database on the server 16 that associates the protected content to the vendor 
30 information via known processes. At step 402C, the user information is obtained, as noted 



WO 00/29928 PCT7US99/26168 

-33- 

above with regard to step 302B, and at step 402D, the compound encryption/decryption key 
is built, as described with regard to step 302C. 

At step 404 the decryption/decoding device 30 decrypts a predetermined string 
contained on the media 28 using the compound key. The predetermined string is sent to the 
5 decryption/decoding device 30 via the USB/parallel/serial port 58. The predetermined string 
? is compared to a known string by the decryption/decoding device 30 at step 406 to determine 
if a proper string is decrypted (i.e., the decrypted string equals the known string). If the 
decrypted predetermined string equals the known string, the process continues at step 408 
where the encrypted data is read from the media 28. Otherwise, if the decrypted 
1 0 predetermined string does not equal the known string, then the process ends at step 424. 

At step 408, the encrypted data is read from the media 28 and sent via 
USB/parallel/serial port 58 to the decryption/decompressing device 30 at step 410. At step 
412, the ASIC/controller 36 decrypts the protected electronic data received by controller 34. 
The decryption process is performed as noted above with reference to step 334 (Figures 9 and 
15 12). As the protected electronic data is decrypted, the ASIC/controller 36 (or application 
software running on the PC 20) determines at step 4 1 4 the type of information that comprises 
the protected electronic data and if the decrypted data is valid. If the data is determined to be 
invalid at step 414, the user may be notified at step 422 and the process ends at step 424. 

If at step 414 the protected electronic data is valid application software or a 
20 valid executable file, the decryption/decompressing device 30 may pass the decrypted file 
back to the PC 20 for execution at step 416. As illustrated in Figure 10A, the process of 
sending encrypted data to the decryption/decoding device 30 may loop through steps 408 
through 416 until all of the data is read from the media 28 and passed back to the PC 20 for 
execution. After the all of the protected electronic data has been decrypted and passed back 
25 to the PC 20, the process ends at step 424. 

If the protected electronic data is valid audio or video data, the 
decryption/decompressing device 30 may additionally provide for decompression of the audio 
or video data at step 418 in ASIC/controller 36. Typically, digital audio and video 
information is compressed according to standard compression algorithms. For example, full- 
30 motion video and audio information may be compressed using the Moving Pictures Expert 
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Group (MPEG) standard and still pictures may be compressed using the Joint Picture Expert 
Group (JPEG) standard. The decompressed audio or video information may be converted to 
digital data (e.g., pulse code modulation (PCM)) at step 41 8 and sent to the digital to analog 
converter 38. 

5 At step 420 the digital audio or video data is converted to analog audio or video 

signals by the digital to analog converter 38. The analog signals are output to an analog input 
device 44 (e.g., stereo amplifier, video cassette recorder, sound card or television) for 
playback/viewing. As illustrated in Figure 1 3 A, the process of sending encrypted data to the 
decryption/decoding device 30 may loop through steps 408 through 420 until all of the data 
1 0 is read from the media 28. After all of the protected electronic data has been converted to an 
analog output, the process ends at step 424. 

In accordance with the second hardware implementation, the protected data 
may be streamed from the PC 20 to the decryption/decompressing device 30, or alternatively, 
download to the RAM 39 in its entirety prior to decryption by the ASIC/controller 36. 
j 5 As noted above, the data is stored on the media 28 in an encrypted format using 

at least the unique serial number as a decryption key . The encryption/decryption key may also 
be a compound key that includes the unique serial number of the media, vendor information 
and user information. Accordingly, if the data is copied to any other media, the decryption 
process will fail rendering the content unusable. Thus, unauthorized copying of data 
20 downloaded using the apparatus and method of the present invention will be prevented. 
Further, while process described above refers to a client PC, the process is applicable to a 
stand alone device capable of communicating over the network infrastructure, and reading and 
writing to the media on which the protected electronic data is stored. For example, a kiosk 
may be provided at retail outlets where purchasers may insert a piece of media 28 into the 
25 kiosk and download data to be used on a home or office personal computer. 

In accordance with the present invention, the server 16 may store digital 
content to be downloaded in an encrypted or unencrypted format. If the digital content to be 
downloaded is not stored in an encrypted format, then it is preferably encrypted upon 
downloading using the unique serial number or compound key as an encryption key. If the 
30 digital content to be download is stored on the server 16 in an encrypted format (pre- 
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encrypted) prior to downloading then the server would need only to encrypt the data key to 
the content (i.e., the software application, music or video). Pre-encryption may be preferable 
to provide greater performance in environments where large amounts of data need to be 
encrypted per transaction. Such electronic distribution systems may be heavily burdened if 
5 they were required to encrypt the entire content that is to be electronically distributed. 
However, it may be preferable to double encrypt the downloaded content at step 308 by 
encrypting the pre-encrypted content and the data key to the pre-encrypted content using the 
unique serial identifier or compound key (and any additional information) as an encryption 
key. Such a technique would greatly increase the security of the data to be transmitted, as the 
10 data may be double encrypted prior to transmission to the client, as noted above. While the 
process at step 308 has identified encrypting the data key or the data key and the content, it 
is also possible that at step 308 that only the content to be transmitted is encrypted using the 
unique serial number or compound key as a key. If enhanced security is a concern, additional 
transaction information such as the purchaser's name, address, credit card number, etc. may 
15 be included with the content. 

Further in accordance with the present invention, it is anticipated that many 
home users will desire to copy audio CDs to other media, such as the Iomega ZIP® disk, for 
use in portable devices. Such devices include those that utilize MPEG audio layer 3 (MP3) 
compression, which will provide near CD-quality sound. The present invention contemplates 
20 performing the operations of Figures 7 and 1 1 entirely within client PCs 20 or stand-alone 
devices 22, without any interaction with other devices connected to the network infrastructure 
12. Accordingly, the PC 20 would query the media 28 for the unique serial number (see, 
description of Step 302) and pass it to an application program, via controller 72 and processor 
66. The serial number may then be stored in the RAM 64 and used by the application 
25 program (also in RAM 64) to encrypt the digital audio from the CD using the unique identifier 
(or compound key) as an encryption key. The application software writes the encrypted data 
stream to the media 28 via media drive 52 using know means of transferring information from 
one media type to another within a PC 20. Such a system prevents illegal copying of 
copyrighted materials by preventing the manufacture of subsequent generations of the first 
30 generation copy written to the media 28. 
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As described herein, the present invention advantageously utilizes at least the 
unique identifier of the media as an encryption key which allows any electronic data to be 
protected against copying. Additionally, by using the unique identifier of the media, rather 
than a hardware device, the protected electronic data may be read/played on any device 

5 capable of reading the media. Further, a compound key may be used for added security. 
Thus, the protected electronic data becomes portable and is tied only to a single removable 
media, allowing the protected electronic data to be shared while preventing the protected 
electronic data from being copied and read/played from another media. Further, present 
invention may be used in a single encryption method or multiple encryption method where 

1 0 the key to the protected electronic data itself is encrypted using the serial number of the disk 
as the key. 

It is noted that the foregoing examples have been provided merely for the 
purpose of explanation and are in no way to be construed as limiting of the present invention. 
While the invention has been described with reference to preferred embodiments, it is 

15 understood that the words which have been used herein are words of description and 
illustration, rather than words of limitations. Further, although the invention has been 
described herein with reference to particular means, materials and embodiments, the invention 
is not intended to be limited to the particulars disclosed herein; rather, the invention extends 
to all functionally equivalent structures, methods and uses, such as are within the scope of the 

20 appended claims. Those skilled in the art, having the benefit of the teachings of this 
specification, may effect numerous modifications thereto and changes may be made without 
departing from the scope and spirit of the invention in its aspects. 

For example, fixed media having a unique identifier may be utilized by the 
present invention to receive protected electronic data. Also, the removable media need not 

25 be a removable media cartridge, but may comprise a removable drive, such as those which are 
removably connected to personal computers or other devices via, e.g., drive bays, device bays, 
and PCMCIA slots. 
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WHAT IS CLAIMED IS: 

1 . A method of electronically distributing electronic data from a server to a 
client device via a network infrastructure, said method utilizing a compound key that includes 
unique identifier of one piece of media to associate said electronic data with only said one 
piece of media, said method comprising: 

establishing a connection between the client device and the server via the 
network infrastructure; 

transmitting, via the network infrastructure, said compound key; 

encrypting, at the server, said electronic data to be communicated to the client; 

communicating, via the network infrastructure, said electronic data to the client 
device, wherein said electronic data is in an encrypted format; and 

writing, at the client device, said electronic data to said one piece of media, 
such that said information may be accessed for use from only said one piece of destination 
media. 

2. The method as recited in claim 1 , wherein said transmitting said compound 
key to the server comprises: 

accessing said one piece of destination media; 

reading said unique identifier from a predetermined location on said one piece 
of destination media; 

obtaining vender information; 
obtaining user information; 

building said compound key through a predetermined operation using said 
unique identifier, said vendor information, and said user information; and 

formatting said compound key into a first data structure for communication to 

the server. 

3. The method as recited in claim 2, wherein said predetermined location on 
said one piece of destination media is a predetermined track. 
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4. The method as recited in claim 1 , wherein said encrypting of said electronic 
data to be transmitted to the client device comprises encrypting at least one of said electronic 
data and an encryption key to said electronic data, said encrypting being performed in 
accordance with said compound key as a data encryption key. 

5. The method as recited in claim 4, further comprising: 
communicating additional information to the remote server; and 
encrypting additional information together with said electronic data, said 

additional information comprising at least one of a purchaser's name, address, telephone 
number, and payment information. 

6. The method as recited in claim 1 , wherein said electronic data is written to 
said one piece of destination media in an encrypted format using said compound as a 
decryption key. 

7. The method as recited in claim 1, wherein said establishing a connection 
between the client device and the server via the network infrastructure comprises: 

submitting, from the client device, a form to the server; 
executing, at the server, a program to process said form; and 
sending, to the client, a metatag and transaction file. 

8. The method as recited in claim 7, wherein said metatag and said transaction 
file launch a client program at the client device after being sent to the client device. 

9. The method as recited in claim 8, wherein said client program opens said 
transaction file and parses metadata from metatags within said transaction file, and wherein 
the client connects to a server address identified by a predetermined metatag in said 
transaction file to receive said electronic data. 
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10. The method as recited in claim 9, wherein said server address is 
dynamically changed as said electronic data is requested from the server. 

1 1 . A method of accessing electronic data stored on a media by a first device 
adapted to read said media, said electronic data having been written to said media in an 

5 encrypted format, said method comprising: 

accessing said electronic data on said media; 

building a compound key in accordance with a predetermined operation; 
reading at least a portion of said electronic data from said media; and 
decrypting said electronic data using said compound key as a decryption key. 

L 0 1 2. The method as recited in claim 1 1 , wherein said building said compound 

key comprises reading a unique identifier from a predetermined track of said media, obtaining 
vendor information and obtains user information, wherein said unique identifier, said vendor 
information and said user information are combined by said predetermined operation into said 
compound. 

1 5 13. The method as recited in claim 1 1 , wherein said building said compound 

key further comprises communicating said compound key to a second device, and said reading 
at least a portion of said electronic data further comprises communicating said portion of said 
electronic data to said second device, wherein said second device performs said decrypting 
said electronic data using said compound key as a decryption key. 

20 14. The method as recited in claim 13, further comprising: 

communicating, from said second device to said first device, an authentication 

code to said first device; 

reading, at said first device, a unique identifier from said media; 
comparing said authentication code to said unique identifier, and if said 
25 authentication code equals said unique identifier, generating a verification code which is 
communicated to said second device. 
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15. The method as recited in claim 1 1, further comprising: 
reading a predetermined string from said media; 
decrypting said predetermined string; 

comparing said predetermined string with a known string; and 
5 halting said method if said predetermined string does not equal said known 

string. 



1 6. A system for distribution of electronic data over a network infrastructure, 

comprising: 

10 at least one client device for operation by a user desiring to receive said 

electronic data; and 

at least one server, said at least one server containing said electronic data and 
offering said electronic data for downloading to said at least one client device via said network 
infrastructure, 

1 5 wherein said at least one client device communicates a compound key to said 

at least one server, said compound key including a unique identifier associated with a 
particular piece of media to which said electronic data is to be stored, 

wherein said at least one server encrypts said electronic data using said 
compound key as a data key and downloads the encrypted electronic data to said at least one 
20 client computer, and 

wherein said at least one client computer writes the encrypted electronic data 
to said particular piece of media such that the encrypted electronic data may only be accessed 
from said particular piece of media. 

1 7. The apparatus as recited in claim 1 6, wherein said at least one client device 
25 further submits a form to said at least one server, wherein said form is processed by said at 

least one server and said server communicates a metatag and transaction filed to said at least 
one client. 
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18. The apparatus as recited in claim 17, wherein said metatag and said 
transaction file launch a client program at said at least one client device after being 
communicated to said at least one client. 

19. The apparatus as recited in claim 1 8, wherein said client program opens 
5 said transaction file and parses metadata from metatags within said transaction file, and 

wherein said at least one client connects to a server address identified by a predetermined 
metatag in said transaction file to receive said electronic data. 

20. The apparatus as recited in claim 19, wherein said server address is 
dynamically changed by said at least one server as said electronic data is requested from said 

1 0 at least one server. 

2 1 . An apparatus for reading encrypted electronic data associated to one piece 
of media by a compound key that includes at least a unique identifier contained on said one 
piece of media, comprising: 

a processor which controls and executes instructions to read said electronic 
1 5 data and said unique identifier from said one piece of media; and 

a media drive, responsive to said processor, which reads said unique identifier; 
wherein said electronic data is decrypted for use by said apparatus or another 
device attached to said apparatus using said compound key as a data key, and 

wherein said data is accessible from only said one piece of media having said 
20 unique identifier and said data is not accessible from any other media having a different or no 
identifier. 

22. The apparatus as recited in claim 21, further comprising an application 
specific integrated circuit, wherein said application specific integrated circuit performs said 
decryption. 
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23. The apparatus as recited in claim 22, further comprising an analog to 
digital converter, wherein said application specific integrated circuit decompresses said 
electronic data and said analog to digital converter converts said decompressed electronic data 
into audio signals. 

5 24. The apparatus as recited in claim 21 , said media drive further comprising 

an application specific integrated circuit, wherein said application specific integrated circuit 
performs said decryption, and said decrypted electronic data is passed to said apparatus. 

25. The apparatus as recited in claim 21, wherein said media drive reads a 
predetermined string from said media, and said processor decrypts said predetermined string 

10 and compares said predetermined string with a known string, and 

wherein said apparatus is halted if said predetermined string does not equal 

said known string. 

26. The apparatus as recited in claim 21, wherein said compound key 
comprises said unique identifier, vendor information and user information. 

j 5 27. A method of electronically distributing electronic data from one media to 

a second media within a device, said method utilizing a compound key that includes unique 
identifier of said second media to associate said electronic data with only said second media, 
said method comprising: 

accessing said second media; 

20 reading said unique identifier from a predetermined location on said second 

media; 

building said compound key through a predetermined operation using at least 

said unique identifier; 

reading said electronic data from said first media; 
25 encrypting said electronic data after said reading using said compound key as 

an encryption key; and 
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writing said electronic data to said second media, such that said information 
may be accessed for use from only said second media. 

28. The method of claim 27, building said compound key comprises: 
obtaining vender information; 
obtaining user information; and 

building said compound key through said predetermined operation using said 
unique identifier, said vendor information, and said user information. 
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Iomega Transaction File (ITF) File format 

specification 

version 0.1 

Meta Tags 

1 ITFVERSION: ITF Format Version number specified in n.n major, 
minor format Example is <ITFVERSION>: 0.1 

2 ITFNEWFILE: This Metatag indicates a new block of Metatags and 
Metadata follows. Should be the first Metatag following the 
ITFVERSION Metatag. This Metatag is designed to allow compound 
ITF Files which may be used for Batch Downloads. 

3. ITFFID: This tag holds the database id for this item. 

4 ITFSERVER: Specifies the IP link to the server that contains the 
file to be processed. May be DNS entry or IP number. Prefer IP 
number so we don't have to rely on DNS translation. 

5. ITFFILENAME: The name of the file to be processed. 

6. ITFARTIST: The song artist May be multiple names comma 
delimited. 

7. rTFTITLE: The song title. 

8. ITFALBUM: The name of the album the song is from. 

9. ITFCOST: This tag contains the item's cost. 

10. ITFDATE: Date file was created, or last updated. Mm/dd/yy 

11. ITFSEE: This tag contains the file size of the item 

Usage Rules , , 

1. All Metatags begin with the Less than sign, <, and end with 
colon greater than, ':>'. 

2 All Metatags must begin in the first column of a line. 

3 Metadata immediately follows the closing :> of the Metatag and 
ends with either a new Metatag or the end of file. This allows the 
usage of any characters or text sequence including the characters 
used to delimit the Metatag itself. Caveat do not attempt to embed 
a Metatag inside the Metadata if the embedded Metatag begins on a| 
new line. 
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